Rooter.exe (v1.0.2) by Eric_71
.
SeDebugPrivilege granted successfully ...
.
Windows XP . (5.1.2600) Service Pack 3
[32_bits] - x86 Family 15 Model 4 Stepping 3, GenuineIntel
.
[wscsvc] (Security Center) RUNNING (state:4)
[SharedAccess] RUNNING (state:4)
Windows Firewall -> Disabled !
.
Internet Explorer 8.0.6001.18702
.
C:\ [Fixed-NTFS] .. ( Total:144 Go - Free:27 Go )
D:\ [CD_Rom]
E:\ [CD_Rom]
F:\ [Removable]
G:\ [Removable]
H:\ [Removable]
I:\ [Removable]
J:\ [Removable]
.
Scan : 20:06.02
Path : J:\Rooter.exe
User : Brandon Saimo ( Administrator -> YES )
.
----------------------\\ Processes
.
Locked [System Process] (0)
______ System (4)
______ \SystemRoot\System32\smss.exe (612)
______ \??\C:\WINDOWS\system32\csrss.exe (668)
______ \??\C:\WINDOWS\system32\winlogon.exe (692)
______ C:\WINDOWS\system32\services.exe (736)
______ C:\WINDOWS\system32\lsass.exe (752)
______ C:\WINDOWS\system32\svchost.exe (1036)
______ C:\WINDOWS\system32\svchost.exe (1124)
______ C:\Program Files\Windows Defender\MsMpEng.exe (1220)
______ C:\WINDOWS\System32\svchost.exe (1260)
______ C:\WINDOWS\system32\svchost.exe (1308)
______ C:\WINDOWS\system32\svchost.exe (1448)
______ C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe (1580)
______ C:\WINDOWS\system32\LEXBCES.EXE (1776)
______ C:\WINDOWS\system32\spoolsv.exe (1820)
______ C:\WINDOWS\system32\LEXPPS.EXE (1828)
______ C:\Program Files\Google\Update\1.2.183.7\GoogleCrashHandler.exe (1992)
______ C:\WINDOWS\Explorer.EXE (2040)
______ C:\WINDOWS\system32\ctfmon.exe (328)
______ C:\WINDOWS\ehome\ehtray.exe (556)
______ C:\WINDOWS\system32\hkcmd.exe (116)
______ C:\WINDOWS\system32\igfxpers.exe (604)
______ C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe (664)
______ C:\Program Files\Real\RealPlayer\RealPlay.exe (672)
______ C:\WINDOWS\system32\dla\tfswctrl.exe (820)
______ C:\Program Files\Trend Micro\Internet Security 12\pccguide.exe (1068)
______ C:\Program Files\iTunes\iTunesHelper.exe (1160)
______ C:\Program Files\Windows Defender\MSASCui.exe (1196)
______ C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe (1336)
______ C:\Program Files\ScanSoft\OmniPageSE4\OpwareSE4.exe (1412)
______ C:\Program Files\Java\jre6\bin\jusched.exe (1420)
______ C:\Program Files\Trend Micro\Internet Security 12\TMAS_OE\TMAS_OEMon.exe (1444)
______ C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe (1496)
______ C:\Program Files\Windows Live\Messenger\msnmsgr.exe (1500)
______ C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe (1608)
______ C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe (1620)
______ C:\Program Files\Digital Line Detect\DLG.exe (1700)
______ C:\WINDOWS\System32\svchost.exe (1692)
______ C:\WINDOWS\System32\svchost.exe (1908)
______ C:\WINDOWS\System32\svchost.exe (2068)
______ C:\WINDOWS\System32\svchost.exe (2728)
______ C:\WINDOWS\System32\svchost.exe (2740)
______ C:\WINDOWS\System32\svchost.exe (3396)
______ C:\WINDOWS\system32\svchost.exe (3472)
______ C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe (3572)
______ C:\Program Files\Bonjour\mDNSResponder.exe (3584)
______ C:\WINDOWS\eHome\ehRecvr.exe (3620)
______ C:\WINDOWS\eHome\ehSched.exe (3688)
______ C:\Program Files\Java\jre6\bin\jqs.exe (3880)
______ C:\PROGRA~1\TRENDM~1\INTERN~1\PcCtlCom.exe (3988)
______ C:\WINDOWS\system32\svchost.exe (652)
______ C:\WINDOWS\system32\svchost.exe (1352)
______ C:\PROGRA~1\TRENDM~1\INTERN~1\Tmntsrv.exe (3412)
______ C:\PROGRA~1\TRENDM~1\INTERN~1\tmproxy.exe (1724)
______ C:\WINDOWS\ehome\mcrdsvc.exe (3980)
______ C:\PROGRA~1\TRENDM~1\INTERN~1\TmPfw.exe (4936)
______ C:\WINDOWS\system32\svchost.exe (5144)
______ C:\WINDOWS\system32\wbem\unsecapp.exe (5888)
______ C:\WINDOWS\system32\wscntfy.exe (3684)
______ C:\WINDOWS\system32\dllhost.exe (744)
______ C:\WINDOWS\system32\wbem\wmiprvse.exe (4152)
______ C:\WINDOWS\eHome\ehmsas.exe (4516)
______ C:\Program Files\iPod\bin\iPodService.exe (4648)
______ C:\WINDOWS\System32\alg.exe (3760)
______ J:\Rooter.exe (1980)
.
----------------------\\ Device\Harddisk0\
.
\Device\Harddisk0 [Sectors : 63 x 512 Bytes]
.
\Device\Harddisk0\Partition1 (Start_Offset:32256 | Length:32868864)
\Device\Harddisk0\Partition2 --[ MBR ]-- (Start_Offset:32901120 | Length:154980725760)
\Device\Harddisk0\Partition3 (Start_Offset:155013626880 | Length:4984519680)
.
----------------------\\ Scheduled Tasks
.
C:\WINDOWS\Tasks\Ad-Aware Update (Weekly).job
C:\WINDOWS\Tasks\AppleSoftwareUpdate.job
C:\WINDOWS\Tasks\desktop.ini
C:\WINDOWS\Tasks\Google Software Updater.job
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
C:\WINDOWS\Tasks\MP Scheduled Scan.job
C:\WINDOWS\Tasks\SA.DAT
.
----------------------\\ Registry
.
.
----------------------\\ Files & Folders
.
----------------------\\ Scan completed at 20:06.28
.
C:\Rooter$\Rooter_1.txt - (12/07/2009 | 20:06.28)